• Title/Summary/Keyword: ID-based Key Distribution

Search Result 26, Processing Time 0.02 seconds

A Design of Secure Mobile Agent Systems Employing ID based Digital Multi-Signature Scheme (ID기반 디지털 다중 서명 기술을 적용한 안전한 이동 에이전트 시스템의 설계)

  • Yoo, Seong-Jin;Kim, Seong-Yeol;Lee, Ok-Bin;Chung, Il-Yong
    • The KIPS Transactions:PartC
    • /
    • v.10C no.1
    • /
    • pp.17-26
    • /
    • 2003
  • Mobile agent system comes into the spotlight since it contributes largely to mobile computing on distributed network environment. However, this system has a number of significant security Problems. In this Paper, we analyze suity attacks to mobile agent system Presented by NIST[3]. In order to protect this system from them, we suggest a security protocol for mobile agent system by employing R based key distribution and digital multi-signature scheme. To solve these problems described in NIST, securities for mobile agent and agent platform shouid be accomplished. Comparing with other protocols, our protocol performs both of these securities, while other protocols mentioned only one of them. Proposed Protocol satisfies simplicity of key management, providing security service such as confidentiality, integrity, authentication and preventing reputation, liveness guarantee, protection of excution-result data and preventing replay attack. Furthermore, it is designed to detect message modification immediately by verifying each step of agent execution at a corresponding server.

Key Management and Recovery Scheme over SCADA System Using ID-based Cryptosystem (ID 기반 암호 기법을 이용한 SCADA 시스템에서 비밀 키 관리 및 복구 방안)

  • Oh, Doo-Hwan;Choi, Doo-Sik;Na, Eun-Sung;Kim, Sang-Chul;Ha, Jae-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.3
    • /
    • pp.427-438
    • /
    • 2012
  • The SCADA(Supervisory Control and Data Acquisition) systems are used to control some critical national infrastructures such as electricity, gas, and water distribution systems. Recently, there are many researches on key management scheme for secure communication due to change to the open network environment. We propose a new key management method which is established on ID-based cryptosystem using pairing on MTU(Master Terminal Unit), Sub-MTU, and RTU(Remote Terminal Unit). Furthermore, we present a redistribution protocol of private key of each device and a system recovery protocol as a countermeasure of exposure of KMS(Key Management System) master key which is occurred by some unexpected accidents or malicious attacks.

A Study on the Conference Key Distribution System based on ID-information (ID 정보에 의한 회의용 암호키 분배방식)

  • 손기욱;이경호;권창영;이인숙;원동호
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 1991.11a
    • /
    • pp.261-269
    • /
    • 1991
  • 암호 방식의 보안성은 암호키 보안에 커다란 영향을 받고 있어 암호 통신망 가입자가 상호간에 공유해야 하는 통신키 분배 문제가 암호학의 중요한 연구 분야가 되고 있다. 통신키를 분배 하는 방식은 크게 중앙 집중식 키 분배 방식과 공개키 분배 방식, 그리고 ID 정보에 의한 분배 방식으로 나눌 수 있다. 본 논문에서는 다자간 회의용 암호 통신키 분배 방식으로 사용할 수 있는 새로운 ID 정보에 의한 키 분배 방식을 제안하였다.

  • PDF

A Study On ID-Based Group Signature (신원 정보 기반 그룹 서명)

  • Kim, Dae-Youb;Ju, Hak-Soo
    • The KIPS Transactions:PartC
    • /
    • v.12C no.4 s.100
    • /
    • pp.489-494
    • /
    • 2005
  • In 2002, Shundong Xia proposed a new ID-based group signature scheme with strong separability. The nature of a strong separability is to divide group manager's role into a membership manager and a revocation manager Jianhong et al showed that the scheme was not coalition-resistant. In this letter, we first propose two new attacks, forgery and link attacks, for Xia-You's scheme. We also propose a new ID-based group signature scheme that Is resistant to coalition, forgery and link attacks

Adaptation of a Key Distribution Scheme for VSAT Satellite Communications (VSAT 위성통신 보호를 위한 키 분배 방식의 적용)

  • Park, Jeong-Hyeon;Im, Seon-Bae
    • The Transactions of the Korea Information Processing Society
    • /
    • v.6 no.1
    • /
    • pp.115-122
    • /
    • 1999
  • This paper presents a key distribution scheme based on the Yacobi scheme that does not use the secret key provided by key distribution center, but uses instead a random number generated y the user. The scheme is independent of the exposure of the secret key. this paper also presented the key distribution schemes based on the Diffie-Hellman (DH) and ID (identity). The schemes based on the solving of the discrete logarithm and prime resolution into factors are better on the expose of secret key. The proposed scheme based on the DH was applied to VSAT satellite communications and simulated on PC using Montgomery algorithm for modular and MD5 (Message Digest) for hashing function.

  • PDF

Secret Group Key Distribution and Re-sharing Protocol Based on the Identity Security System. (ID보안 시스템에 기반한 그룹 비밀키 분배 및 갱신 프로토콜)

  • 오명옥;정일용;김성열
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2002.04a
    • /
    • pp.757-759
    • /
    • 2002
  • 본 논문에서는 ID 보안 기술에 기반을 둔 디지털서명, 키분배 기법을 이용하여 그룹 비밀키의 분배와 갱신을 위한 효율적인 프로토콜을 제안한다. 제안된 프로토콜의 안전성은 이산대수 문제에 근거하고 있으며 단말기의 저장능력과 처리의 능력이 적을 경우도 적절하게 운영될 수 있고, 그룹 내에서 제외하고자하는 통화자가 동시에 여러 명일 경우에도 적용한 수 있다. 또한 통화자의 변동 없이 그룹 비밀키를 변경하고자 하는 경우에도 용이하게 키를 갱신할 수 있도록 설계되었다.

  • PDF

TinyIBAK: Design and Prototype Implementation of An Identity-based Authenticated Key Agreement Scheme for Large Scale Sensor Networks

  • Yang, Lijun;Ding, Chao;Wu, Meng
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.11
    • /
    • pp.2769-2792
    • /
    • 2013
  • In this paper, we propose an authenticated key agreement scheme, TinyIBAK, based on the identity-based cryptography and bilinear paring, for large scale sensor networks. We prove the security of our proposal in the random oracle model. According to the formal security validation using AVISPA, the proposed scheme is strongly secure against the passive and active attacks, such as replay, man-in-the middle and node compromise attacks, etc. We implemented our proposal for TinyOS-2.1, analyzed the memory occupation, and evaluated the time and energy performance on the MICAz motes using the Avrora toolkits. Moreover, we deployed our proposal within the TOSSIM simulation framework, and investigated the effect of node density on the performance of our scheme. Experimental results indicate that our proposal consumes an acceptable amount of resources, and is feasible for infrequent key distribution and rekeying in large scale sensor networks. Compared with other ID-based key agreement approaches, TinyIBAK is much more efficient or comparable in performance but provides rekeying. Compared with the traditional key pre-distribution schemes, TinyIBAK achieves significant improvements in terms of security strength, key connectivity, scalability, communication and storage overhead, and enables efficient secure rekeying.

A Study on Efficient Data De-Identification Method for Blockchain DID

  • Min, Youn-A
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.13 no.2
    • /
    • pp.60-66
    • /
    • 2021
  • Blockchain is a technology that enables trust-based consensus and verification based on a decentralized network. Distributed ID (DID) is based on a decentralized structure, and users have the right to manage their own ID. Recently, interest in self-sovereign identity authentication is increasing. In this paper, as a method for transparent and safe sovereignty management of data, among data pseudonymization techniques for blockchain use, various methods for data encryption processing are examined. The public key technique (homomorphic encryption) has high flexibility and security because different algorithms are applied to the entire sentence for encryption and decryption. As a result, the computational efficiency decreases. The hash function method (MD5) can maintain flexibility and is higher than the security-related two-way encryption method, but there is a threat of collision. Zero-knowledge proof is based on public key encryption based on a mutual proof method, and complex formulas are applied to processes such as personal identification, key distribution, and digital signature. It requires consensus and verification process, so the operation efficiency is lowered to the level of O (logeN) ~ O(N2). In this paper, data encryption processing for blockchain DID, based on zero-knowledge proof, was proposed and a one-way encryption method considering data use range and frequency of use was proposed. Based on the content presented in the thesis, it is possible to process corrected zero-knowledge proof and to process data efficiently.

Secure One-Time Password Authentication in Mobile Environments (모바일 환경에서 안전한 일회용 패스워드 인증)

  • Kim, Dong-Ryool
    • Journal of Digital Convergence
    • /
    • v.11 no.12
    • /
    • pp.423-430
    • /
    • 2013
  • With the active Internet e-commerce and the financial sector, mutual authentication between users and service providers has become very important. Because ID- and password-based authentication is of low security, one-time password authentication methods are widely used. The existing one-time password authentication scheme of S/Key authentication method is fraught with a number of issues in addition to plain text transmission, and the method of Kim Gong-ki et al. does not offer suggestions for session key generation and distribution method. Proposed in this paper is a protocol that solves these problems.

A Study on PIN-based Authentication and ID Registration by Transfer in AAA System (AAA시스템에서의 이동에 따른 PIN 기반의 인증 및 ID 등록에 관한 연구)

  • Kang Seo-Il;Lee Im-Yeong
    • The KIPS Transactions:PartC
    • /
    • v.13C no.3 s.106
    • /
    • pp.359-368
    • /
    • 2006
  • AAA(Authentication, Authorization, Accounting) is the service that offers authentication, authorization, and accounting method, and every terminal that accesses the network requires this AAA service. The authentication process of a mobile terminal is as follows: a mobile phone accesses an authentication server in a home network via the authentication service in an external network, which receives the authentication result. And, for the home authentication server to offer secure service, a unique key is distributed for the secure communication between the external agent and the user, the external agent and the home authentication server, and the user and the home authentication server. This paper discusses and proposes the key distribution for secure communication among external authentication servers when a mobile terminal travels to an external network. As the proposed method does not require the home authentication server to reissue another authentication when a user travels to other external networks, it reduces the overload in the home authentication server. It can also distribute a PIN-driven key.